## What happened

The Hacker News reports on a joint warning from **CISA and the FBI** about phishing campaigns that target commercial messaging apps (CMAs) such as **Signal** and **WhatsApp**. The agencies say thousands of accounts have been compromised globally.

The alert emphasizes that the attacks are **social engineering**, not a cryptographic break of end-to-end encryption.

## How the attacks work (high level)

The report describes two main outcomes depending on what the victim does:

- **Sharing a verification code or PIN**: attackers can register or recover the account and then impersonate the victim in new messages.

- **Scanning a QR code or clicking a link that triggers device linking**: attackers can attach a device to the account and potentially access message history (depending on the app and account state).

## Why it matters

Messaging accounts are now a key entry point into organizations because they can be used for:

- lateral phishing from a trusted identity

- access to sensitive conversations

- social engineering of colleagues and partners

## Defensive checklist

- Never share SMS verification codes or in-app PINs.

- Regularly review **linked devices** in Signal/WhatsApp settings.

- Be skeptical of "support" outreach; official support typically doesn't initiate contact via random DMs.

- Consider stronger account protections and user education for high-risk staff.

## Source

The Hacker News summary links to the underlying CISA resource and describes the reported tactics.